AI

Data retention strategies for GDPR compliance matter, even for North American organizations. The UK and EU’s General Data Protection Regulation (GDPR) has extra territorial reach, meaning it applies to any organization, regardless of location, if that organization offers goods or services to, or monitors the behaviour of individuals in the EU or UK and processes […]

As we wrap up our four-part EU AI Act blog series, this final installment explores some of the key strategies Canadian and US organizations can implement to keep ahead of the curve and ensure EU AI Act compliance. For North American organizations, this often means implementing compliance measures that go beyond domestic requirements, particularly in

Part 3 of our four-part guide to EU AI Act compliance examines how North American organizations can navigate the Act’s requirements, including organizational roles and key obligations. The AI Act will come into full effect in August 2026, 24 months after its official publication, although certain provisions will come into force earlier. For a detailed

In the second part of our four-part guide to EU AI Act compliance for North American organizations, we explore the Act’s risk-based approach to classifying AI systems. What applications are prohibited, what constitutes ‘high-risk’ activity, and what systems are exempt?  For details of the AI Act’s timeline and deadlines for its phased implementation, see Part

Our four-part guide to EU AI Act compliance explores what North American organizations need to know about the upcoming legal obligations when rolling out certain artificial intelligence (AI) technologies under the EU’s landmark AI Act.  If your organization operates in or serves EU markets and has AI-driven chatbots to handle customer inquiries, develops predictive algorithms